________________________________________ From: centos-bounces at centos.org [centos-bounces at centos.org] On Behalf Of Jeff [jlar310 at gmail.com] Sent: Sunday, February 07, 2010 9:20 AM To: CentOS mailing list Subject: Re: [CentOS] CentOS 5.4 x86_64 authenticating against AD (Server 2008r2) On Fri, Feb 5, 2010 at 6:25 PM, Joseph L. Casale <jcasale at activenetwerx.com> wrote: >>Wbinfo -u & wbinfo -g do indeed work for me however getent passwd or getent group returns no AD users or groups. I have winbind entries in nsswitch for both the passwd & >group entries. Josepeh, I will try a newer RPM from a different repository and see if that resolves my issues. Did my smb.conf look ok? > > getent doesn't need to return data for this to work, just wbinfo. > It's likely the issue I spoke of, aside from the winbind entries > in smb.conf that allow local logon. > > Take my advice: > yum erase samba == uber happiness > > Get ldap working, no interop issues with the old samba version in rhel and > newer ms servers. Plus you will be using something forward compatible that > a txt edit could likely fix in the event something drastic changed in the > schema and search filters for example had to change. +1 We've been using nss_ldap against AD for years. It's never a problem. Jeff _______________________________________________ Version 3.4.5 of Samba did end up resolving the issue I was having and now AD users can login to the box. I am however interested in going the LDAP route mainly for the forward compatability reason stated by Jeff. Is there anything special I need to do on the DC for the LDAP authentication to work? Thanks, Dan